<?php
/*
 * 1626cms 會員中心公用函數
 * ============================================================================
 * 版權所有: 1626網絡，并保留所有權利。
 * 網站地址: http://www.1626.com；
 * ----------------------------------------------------------------------------
 * 這不是一個自由軟件！您只能在不用于商業目的的前提下對程序代碼進行修改和
 * 使用；不允許對程序代碼以任何形式任何目的的再發布。
 * ============================================================================
 */
if(!defined('IN_QISHI'))
{
	die('Access Denied!');
}
/**
 *
 * 注冊會員
 *
 *
 */
function user_register($username,$password,$member_type,$email,$timestamp,$reg_ip){
	global $db,$_CFG;
	if (!is_numeric($member_type)||!intval($member_type) || get_user($username) || get_user($email)) return false;
	$pwd_hash=randstr();
	$password_hash=md5(md5($password).$pwd_hash);
	$sql = "INSERT INTO ".table('members')." (username,password,pwd_hash,email,reg_time,reg_ip) VALUES ('$username','$password_hash','$pwd_hash', '$email', '$timestamp','$reg_ip')";
	$db->query($sql);
	$insert_id=$db->insert_id();
	$sql1 = "INSERT INTO ".table('members_type')." (uid,utype) VALUES ('$insert_id','$member_type')";
	$db->query($sql1);
	if($member_type==1)
	{
		$sql2 = "INSERT INTO ".table('members_points')." (uid) VALUES ('$insert_id')";
		$db->query($sql2);
		$_CFG['reg_points']>0?report_deal($insert_id,1,$_CFG['reg_points'],'<span style=color:#FF6600>注冊會員系統自動贈送!</span>'):'';
	}
	return true;
	//user_login ($username,$password);
}
//會員登錄
function user_login ($user,$password)
{
	$get_name=check_user($user,$password);
	if($get_name)
	{
		update_user_info($get_name);
		return user_jump($_SESSION['utype']);
	}
	else
	{
		return "?error=1";
	}
}
/**
 *
 * 檢測用戶名和密碼是否正確
 *
 *
 */
function check_user($name,$pwd){
	global $db;
	$user_info=get_user($name);
	$pwd_hash=$user_info['pwd_hash'];
	$usname=$user_info['username'];
	$password=md5(md5($pwd).$pwd_hash);
	$row = $db->getone("SELECT COUNT(*) AS num FROM ".table('members')." WHERE username='$usname' and password = '$password'");
	if($row['num'] > 0){
		return $usname;
	}else{
		return false;
	}
}
//檢測COOKIE
function check_cookie($name,$pwd){
	global $db;
	$row = $db->getone("SELECT COUNT(*) AS num FROM ".table('members')." WHERE username='$name' and password = '$pwd'");
	if($row['num'] > 0)
	{
		return true;
	}else{
		return false;
	}
}
/**
 *
 * 更新用戶信息
 *
 *
 */
function update_user_info($username,$flush=true)
{
	global $timestamp, $online_ip,$db,$cookiepath,$cookiedomain;
	$user = get_user_inusername($username);
	$_SESSION['uid'] = $user['uid'];
	$_SESSION['username'] = $user['username'];
	$_SESSION['utype']=get_user_type($user['uid']);
	setcookie('Qishi[username]',$user['username'], time()+3600*24*365, $cookiepath, $cookiedomain);
	setcookie('Qishi[password]',$user['password'], time()+3600*24*365, $cookiepath, $cookiedomain);
	if ($flush)
	{
		$last_login_time = $timestamp;
		$last_login_ip = $online_ip;
		$sql = "UPDATE ".table('members')." SET last_login_time = '$last_login_time', last_login_ip = '$last_login_ip' WHERE uid='$_SESSION[uid]'";
		$db->query($sql);
	}
}
//根據賬戶獲取用戶信息
function get_user($val){
	$inusername=get_user_inusername($val);
	$inemail=get_user_inemail($val);
	if ($inusername)
	{
		return $inusername;
	}
	elseif ($inemail)
	{
		return $inemail;
	}
	else
	{
		return false;
	}
}
//從電子郵件獲取會員信息
function get_user_inemail($email){
	global $db;
	$sql = "select * from ".table('members')." where email = '$email'";
	$user_info=$db->getone($sql);
	return $user_info;
}
//從會員名獲取會員信息
function get_user_inusername($username){
	global $db;
	$sql = "select * from ".table('members')." where username = '$username'";
	$user_info=$db->getone($sql);
	return $user_info;
}
//從會員ID獲取會員信息
function get_user_inid($uid){
	global $db;
	$sql = "select * from ".table('members')." where uid = '$uid'";
	$user_info=$db->getone($sql);
	return $user_info;
}
//登錄跳轉
function user_jump($val)
{
	if ($val=='1') $url="member_company.php";
	if ($val=='2') $url="member_personal.php";
	return $url;
}
//獲取會員類型
function get_user_type($uid){
	global $db;
	$sql = "select * from ".table('members_type')." where uid = '$uid'";
	$user_info=$db->getone($sql);
	return $user_info['utype'];
}
//獲取隨機字符串
function randstr($length=6)
{
	$hash='';
	$chars= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz@#!~?:-=';
	$max=strlen($chars)-1;
	mt_srand((double)microtime()*1000000);
	for($i=0;$i<$length;$i++)   {
		$hash.=$chars[mt_rand(0,$max)];
	}
	return $hash;
}
//生成秘匙，防止異步數據外部提交
function asyn_userkey($uid)
{
	$user=get_user_inid(intval($uid));
	$key=md5($user['username'].$user['pwd_hash'].$user['password']);
	return $key;
}
//修改密碼
function edit_password($arr,$check=true){
	//$check=true 是否驗證就密碼
	global $db;
	if (!is_array($arr))return false;
	if (!check_user($arr['username'],$arr['oldpassword']) && $check==true)
	{
		return -1;
	}
	else
	{
		$user_info=get_user($arr['username']);
		$pwd_hash=$user_info['pwd_hash'];
		$md5password=md5(md5($arr['password']).$pwd_hash);
		if ($db->query( "UPDATE ".table('members')." SET password = '$md5password'  WHERE username='".$arr['username']."'")) return $arr['username'];
	}
	return false;
}
?>
